in cloudstack/resource_cloudstack_egress_firewall.go [423:467]
func resourceCloudStackEgressFirewallUpdate(d *schema.ResourceData, meta interface{}) error {
// Make sure all required parameters are there
if err := verifyEgressFirewallParams(d); err != nil {
return err
}
// Check if the rule set as a whole has changed
if d.HasChange("rule") {
o, n := d.GetChange("rule")
ors := o.(*schema.Set).Difference(n.(*schema.Set))
nrs := n.(*schema.Set).Difference(o.(*schema.Set))
// We need to start with a rule set containing all the rules we
// already have and want to keep. Any rules that are not deleted
// correctly and any newly created rules, will be added to this
// set to make sure we end up in a consistent state
rules := o.(*schema.Set).Intersection(n.(*schema.Set))
// First loop through all the old rules and delete them
if ors.Len() > 0 {
err := deleteEgressFirewallRules(d, meta, rules, ors)
// We need to update this first to preserve the correct state
d.Set("rule", rules)
if err != nil {
return err
}
}
// Then loop through all the new rules and create them
if nrs.Len() > 0 {
err := createEgressFirewallRules(d, meta, rules, nrs)
// We need to update this first to preserve the correct state
d.Set("rule", rules)
if err != nil {
return err
}
}
}
return resourceCloudStackEgressFirewallRead(d, meta)
}